Researchers have discovered a previously unknown macOS malware variant called GIMMICK, which is believed to be a custom tool used by a Chinese espionage threat actor known as 'Storm Cloud.'

The malware was discovered by researchers at Volexity, who retrieved it from the RAM of a MacBook Pro running macOS 11.6 (Big Sur) that had been compromised in a late 2021 cyberespionage campaign.

The exposure of custom malware used by sophisticated threat actors is not common. Such groups operate very carefully, leaving a minimal trace and wiping remnants of the malware to keep their tools secret and evade IoC-based detection.